Legal claims defining the scope of protection, as filed with the USPTO.
1. A computing device, comprising: execution hardware including at least one hardware processor core, a verification module, and non-volatile memory storing a private symmetric key (PSK) unique to the computing device; wherein when executed, the verification module causes the execution hardware to: perform pre-execution local authenticity verification of externally-supplied code (ESC) in response to a command to launch the ESC on the computing device; wherein the local authenticity verification includes computation of a cryptographic message authentication code (MAC) of the ESC based on the PSK, and verification of the MAC against a stored local authenticity verification value (LAV) previously written to the non-volatile memory; wherein the non-volatile memory includes a secure register that stores input parameters used in determining the PSK associated with the MAC, wherein access to the PSK is limited to only the verification module, and to authorized code being executed in an isolated execution environment (IEE); and in response to a positive verification of the of the MAC, permit execution of the ESC.
2. The computing device of claim 1 , wherein the secure register includes at least one physical unclonable function (PUF).
3. The computing device of claim 1 , wherein the LAV was produced only as result of a positive source-authentication of the ESC.
4. The computing device of claim 3 , wherein computation of the LAV includes application of a cryptographic function to the ESC based on the PSK.
5. The computing device of claim 3 , wherein the source-authentication includes verification of a digital signature of the ESC by the computing device.
6. The computing device of claim 3 , wherein in response to a positive source-authentication of the ESC, the execution hardware is to set an authentication status value for the ESC representing completion of the source-authentication, wherein the authentication status value is used to determine when source-authentication is needed.
7. The computing device of claim 3 , wherein the source-authentication is more computationally intensive than the local authenticity verification.
8. The computing device of claim 1 , wherein the verification module includes an initialization module and an authentication converter module, and wherein: the authentication converter causes the execution hardware to perform verification of a digital signature of the ESC and generation of the LAV in response to a positive result of the verification of the digital signature; and wherein the initialization module causes the execution hardware to preferentially perform the pre-execution local authenticity verification of the ESC when the LAV is available.
9. The computing device of claim 1 , wherein the verification module is executed in a cache-as-RAM (CRAM) mode of the at least one processor core.
10. The computing device of claim 1 , wherein the computing device includes an authentication converter module, and wherein the authentication converter module causes the execution hardware to perform verification of a digital signature of the ESC and generation of the LAV in response to a positive result of the verification of the digital signature.
11. The computing device of claim 10 , wherein the authentication converter module is executed in an isolated execution environment on the computing device.
12. The computing device of claim 1 , wherein non-volatile memory contains a hash value of the authentication converter module.
13. The computing device of claim 1 , wherein the verification module causes the execution hardware to store version information associated with LAV of the ESC.
14. A method for authenticating code to be executed on a computing device, the method comprising: storing, in non-volatile storage of the computing device, a private symmetric key (PSK) unique to the computing device; performing, by the computing device, pre-execution local authenticity verification of externally-supplied code (ESC) in response to a command to launch the ESC on the computing device, the local authenticity verification including: computing a cryptographic message authentication code (MAC) of the ESC based on the PSK; and verifying the MAC against a stored local authenticity verification value (LAV) previously written to the non-volatile storage; wherein the non-volatile memory includes a secure register that stores input parameters used in determining the PSK associated with the MAC, wherein access to the PSK is limited to only the verification module, and to authorized code being executed in an isolated execution environment (IEE); and in response to a positive verification of the of the MAC, permitting execution of the ESC.
15. The method of claim 14 , wherein the LAV was produced only as result of a positive source-authentication of the ESC.
16. The method of claim 15 , wherein in response to a positive source-authentication of the ESC, the computing device is to set an authentication status value for the ESC representing completion of the source-authentication, wherein the authentication status value is used to determine when source-authentication is needed.
17. The method of claim 14 , wherein the computing device includes an initialization process and an authentication converter process, and wherein: the authentication converter process causes the computing device to perform verification of a digital signature of the ESC and generation of the LAV in response to a positive result of the verification of the digital signature; and wherein the initialization process causes the computing device to preferentially perform the pre-execution local authenticity verification of the ESC when the LAV is available.
18. The method of claim 14 , wherein the computing device includes an authentication converter process, and wherein the authentication converter process causes the computing device to perform verification of a digital signature of the ESC and generation of the LAV in response to a positive result of the verification of the digital signature.
19. The method of claim 14 , further comprising storing version information associated with LAV of the ESC in the non-volatile storage.
20. A non-transitory machine-readable storage medium containing instructions executable on a computing device having execution hardware including at least one hardware processor core, and non-volatile memory, wherein the instructions, when executed, cause the execution hardware to: perform pre-execution local authenticity verification of externally-supplied code (ESC) in response to a command to launch the ESC on the computing device; wherein the local authenticity verification includes computation of a cryptographic message authentication code (MAC) of the ESC based on a private symmetric key (PSK), stored on the non-volatile memory unique to the computing device, and verification of the MAC against a stored local authenticity verification value (LAV) previously written to the non-volatile memory; wherein the non-volatile memory includes a secure register that stores input parameters used in determining the PSK associated with the MAC, wherein access to the PSK is limited to only the verification module, and to authorized code being executed in an isolated execution environment (IEE); and in response to a positive verification of the of the MAC, permit execution of the ESC.
21. The machine-readable medium of claim 20 , wherein the LAV was produced only as result of a positive source-authentication of the ESC.
22. The machine-readable medium of claim 21 , wherein computation of the LAV includes application of a cryptographic function to the ESC based on the PSK by the execution hardware.
23. The machine-readable medium of claim 21 , wherein the source-authentication includes verification of a digital signature of the ESC by the computing device.
24. The machine-readable medium of claim 21 , wherein in response to a positive source-authentication of the ESC, the instructions are to cause the execution hardware to set an authentication status value for the ESC representing completion of the source-authentication, wherein the authentication status value is used to determine when source-authentication is needed.
25. The machine-readable medium of claim 21 , wherein the source-authentication is more computationally intensive than the local authenticity verification.
26. The machine-readable medium of claim 20 , wherein the instructions, when executed, implement an initialization module and an authentication converter module, and wherein: the authentication converter causes the execution hardware to perform verification of a digital signature of the ESC and generation of the LAV in response to a positive result of the verification of the digital signature; and wherein the initialization module causes the execution hardware to preferentially perform the pre-execution local authenticity verification of the ESC when the LAV is available.
27. The machine-readable medium of claim 20 , wherein the instructions, when executed, implement an authentication converter module, and wherein the authentication converter module causes the execution hardware to perform verification of a digital signature of the ESC and generation of the LAV in response to a positive result of the verification of the digital signature.
28. The machine-readable medium of claim 27 , wherein the authentication converter module is executed in an isolated execution environment on the computing device.
29. The machine-readable medium of claim 20 , wherein the instructions, when executed, cause the execution hardware to store version information associated with LAV of the ESC.
Unknown
February 20, 2018
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.